Winning The Cybersecurity Battle Against Malware: Isolation The Only Real Solution

Cyber hackers are exploiting the inherent vulnerabilities associated with browser code and plug-ins to launch devious cyber attacks, impacting business continuity and revenues, along with eroding consumer trust and loyalty

Browsers are our window to the World Wide Web: we use various browsers on a variety of smart devices, umpteen times a day. The ubiquitous web browser, the strategically important application on corporate desktops, is ironically also the only application on the desktop that regularly downloads and executes code from both trusted and untrusted networks. To borrow an analogy from airport security, the browser, by default, does not ‘scan’ or ‘frisk’ the code that enters and executes on the endpoint. As a result, browsers, which keep the business connected to the global economy, have also become the preferred channel for cybercriminals to snake their way into our devices and systems.

Cyber hackers are exploiting the inherent vulnerabilities associated with browser code and plug-ins to launch devious cyber attacks, impacting business continuity and revenues, along with eroding consumer trust and loyalty. Multiple vulnerabilities detected by cyber sleuths in India across popular browsers such as Google Chrome, Thunderbird, SeaMonkey and Mozilla Firefox all highlight security issues within the browser. A recent advisory issued by the Computer Emergency Response Team of India (CERT-IN) has listed key browser vulnerabilities, describing how browsers could be exploited by a remote attacker to bypass certain security restrictions, disclose potentially sensitive information, gain escalated privileges, execute arbitrary code and cause a denial-of-service condition on the affected system.

For enterprises of all sizes and shapes, and government institutions alike, web-based cyber attacks pose a great security challenge and concern at a time when complex strains of APTs, drive-by downloads, polymorphic threats and zero-day attacks are launched through web browsers.

Though organizations rely heavily on secure web gateways and/or firewalls to detect and prevent Internet-borne threats delivered through users’ browsers, these are simply not adequate. There is way too much data on users, customers, organizations and reputations at risk. Detection-based approaches are not accurate, and it is inevitable that some websites are misclassified or cannot be classified. This opens the door to new malicious sites, especially since many enterprises allow access to uncategorized sites. The limitations of this technology are further compounded by the ingenious ways hackers have adopted to circumvent the detection-based approach, with several mechanisms used in proxies.

Similarly, other popular traditional detection-based technologies like endpoint sandboxing, cloud-based proxies and signature-based malware scanning also have inherent limitations that result in security compromises. This brings the focus back to how traditional network security tools, which rely on outdated detection-based technologies to scan web content and decide if it is good or bad, aren’t effective in preventing the modern-day attack techniques of polymorphic threats and zero-day exploits.

Combating Malware with Isolation

Britain's communications regulator, Ofcom, recently found that adults spend an average of 20 hours per week online, and most of that time is spent on a web browser. This statistic, when combined with industry estimates of 80% of malware being introduced through the browser and 10 new strains of malware code released every second, highlights the urgency of devising a foolproof mechanism that can contain malware attacks emanating from the browser. So how can organizations ensure the safety of their data when it is practically served on a platter to cybercriminals?

Enter Isolation Technology

Given the speed and agility with which hackers concoct new strains of malware, it is becoming nearly impossible for any one specific security solution to guard against all the possible attack vectors. It is therefore imperative to stop trying to distinguish good code from malware and simply isolate all web content, assuming it is bad or malicious and hence a potential threat. What the industry truly needs today is a comprehensive solution that can isolate the web session outside the network, thus preventing any browser-borne malware from entering the network and gaining unauthorized access to sensitive information.

This brings us to the innovative Isolation approach, based on the concept of creating an “air-gap” between the web and users, to eliminate the possibility of threats reaching endpoint devices. It helps contain the damage by isolating end-user internet browsing sessions from enterprise endpoints and networks. By isolating the browsing function in a virtual machine, which processes all the computer code delivered from the web outside of the protected network, malware is kept off the end-user's system. The comprehensive isolation apparatus completely isolates the web browser, its extensions and plugins outside the protected network in a purpose-built, hardened system – thus introducing a new type of barrier against modern attack techniques.

Why It Works:

With isolation, because all content is executed away from endpoints, users are completely protected from malicious websites. It provides a dual advantage to its users:

No code executes on the endpoint: users are protected from the most advanced web-borne threats because all web content is isolated outside the network perimeter.

Once an Isolation barrier is set up, even malicious code that has previously been downloaded and is hidden in the endpoint cannot call home, rendering it useless.

Isolation, the foundation of cyber resilient enterprises

When it comes to fighting cybercrime, a preventive approach always bodes well for organizations. In today’s rapidly changing threat environment, it is imperative to have a comprehensive malware isolation approach that executes all the web code outside of the vulnerable network, thus automatically breaking the “kill chain” of advanced sophisticated attacks.

In an era of rapidly converged digital systems, we strongly believe that Isolation is the only way to ensure complete protection against any kind of modern web-borne malware attack. Acclaimed industry bodies like Gartner have recognized Isolation as one of the top 10 technologies to adopt in Information Security, and have predicted a rapid rise in its adoption. Gartner predicts that by the year 2020 up to 50% of organizations will have invested in Isolation technology, up from the current five percent. With accelerated adoption and industry recognition, Isolation will lead the drive to build resilient and secure digital businesses.

Disclaimer: The views expressed in the article above are those of the author and do not necessarily represent or reflect the views of this publishing house. Unless otherwise noted, the author is writing in his/her personal capacity. They are not intended and should not be thought to represent official ideas, attitudes, or policies of any agency or institution.